Hi there,
I am searching now for weeks to find the best way
to secure my webserver. I want users to be able to run cgi and php scripts. For
the securtity all the scripts have to run under there own names. All the users
that may use scripts, have a virtual host.
I tried with suexec. It works perfect, no problem.
But at the tot of every php script, you have to add #!/usr/bin/php, witch gives
a lot of trouble to users, by example when scripts are run by webserver from
outside and the same script is also included (that the line should not exist). I
couldn't find with the suexec configuration how to "solve" this. Anybody has an
idea.
Next thing i tried was the cgiwrapper. With a patch
you can make 2, a cgiwrap and a php-cgiwrap, and then the first line isn't
nesesarry anymore. Problem now, He looks after directory names, so all
virtualhosts doesn't work, because he can't find the right user.
The question now. What is the best and most secure
way to solve this?
Greetings,
Casper Gondelach
|